Multi-agent Based Approach of Botnet Detection in Computer Systems

A new approach to botnet detection based on a multi-agent system is proposed. To increase the efficiency of botnet detection, multi-agent systems were involved, which made it possible to perform antivirus diagnosis via agents’ communication within a corporate network. The structure and main principles of the antiviral agents’ functioning within the multi-agent system are developed. The principles of communication between the agent’s units before and after an attack on the computer system were developed. A new technique for sensor diagnosis in monitor mode, which uses fuzzy logic, was developed. A new technique for sensor diagnosis in scanner mode, with generation of detectors using the modified negative selection algorithm, was developed.